INSTAR 2K+/4K UART improper physical access control_CVE-2025-8762

7 / 10

HIGH

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper physical access control. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8762

Source VulDB

Published Aug 13, 2025 at 06:14

Affected Product

Vendor INSTAR

Product 2K+

Version 3.11.1 Build 1124

Affected Versions INSTAR 2K+ 3.11.1 Build 1124
INSTAR 4K 3.11.1 Build 1124

CWE Classification

CWE-1263 CWE-284

References

{
    "lastseen": "",
    "description": "A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper physical access control. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-13T06:14:04.487Z",
    "modified": "2025-08-13T06:14:04.487Z",
    "type": "cve",
    "title": "INSTAR 2K+/4K UART improper physical access control",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319865\nhttps://vuldb.com/?ctiid.319865\nhttps://modzero.com/static/MZ-25-03_modzero_INSTAR.pdf",
    "id": "CVE-2025-8762",
    "bulletinFamily": "",
    "cwe": [
        "CWE-1263",
        "CWE-284"
    ],
    "cvelist": null,
    "sourceData": "INSTAR 2K+ 3.11.1 Build 1124\nINSTAR 4K 3.11.1 Build 1124",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "2K+",
    "version": "3.11.1 Build 1124",
    "vendor": "INSTAR",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}